Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method for managing the status of a connected device by publishing assertions in an immutable distributed database composed of a plurality of compute nodes, a pair of keys comprising a public key and a private key being associated with the connected device, the method comprising the steps of: receiving by the connected device from a first terminal associated to a first user an instruction message comprising an identifier of said first user and at least a status information to be taken into account for the connected device, said status information being used to manage the ownership of the connected device; verifying by the connected device that the first user is allowed to modify the status of the connected device and in case of a positive verification, preparing an assertion request comprising the status information, the assertion request being signed by the connected device using its private key; sending by the connected device the assertion request to the immutable distributed database for publishing an assertion comprising the status information, the assertion being published once the signature is positively verified by a compute node of the distributed immutable database using the public key associated to the connected device.
This invention relates to managing the status of connected devices using an immutable distributed database. The problem addressed is ensuring secure and verifiable ownership and status updates for connected devices in a decentralized system. The solution involves a method where a connected device receives an instruction message from a user terminal, containing user identification and status information related to device ownership. The device verifies the user's authorization to modify its status. If authorized, the device prepares an assertion request with the status information, signs it using its private key, and sends it to an immutable distributed database. The database, composed of multiple compute nodes, verifies the signature using the device's public key. Once verified, the assertion is published in the database, ensuring tamper-proof recording of the device's status. This approach leverages cryptographic signing and distributed ledger technology to maintain an auditable and secure record of device ownership and status changes. The system ensures that only authorized users can modify device status, and the immutable database provides a transparent and verifiable history of all changes.
2. The method according to claim 1, wherein the status information comprises an identifier of the new owner of the connected device.
3. The method according to claim 2, wherein the identifier of the new owner is the public key belonging to a pair of keys comprising a public key and a private key, said key pair being attributed to the new owner of the connected device.
This invention relates to secure ownership transfer of connected devices using cryptographic key pairs. The problem addressed is ensuring secure and verifiable ownership changes in connected devices, particularly in scenarios where devices may be resold, reassigned, or transferred between users. The solution involves using a public-private key pair to authenticate and authorize the new owner of a connected device. When ownership is transferred, the identifier of the new owner is the public key from a cryptographic key pair attributed to the new owner. This public key is used to verify the new owner's identity and authorize access to the device. The private key, held securely by the new owner, enables cryptographic operations such as decryption or digital signatures to further authenticate ownership. This method ensures that only the legitimate new owner, possessing the corresponding private key, can prove ownership and control the device. The approach enhances security by leveraging asymmetric cryptography, preventing unauthorized transfers and ensuring traceability of ownership changes. The system may integrate with broader device management frameworks, where the public key is registered in a trusted database or blockchain to validate ownership claims. This method is particularly useful in IoT (Internet of Things) environments, where secure device ownership is critical for access control and data security.
4. The method according to claim 3, wherein the instruction message comprises an identifier of the former owner of the connected device and an indication for replacing it by the new owner thanks to the publication of an assertion in the immutable distributed database indicating the new owner as the legitimate owner.
5. The method according to claim 1, wherein the received instruction message comprises a secret data, the first user being considered as allowed to modify the status of the connected device if the received secret data is identical to a secret data stored in the connected device which demonstrates that the first user and the connected device are sharing the same secret.
6. The method according to claim 2, wherein the ownership of the connected device is transferred from the first user to a second user for him to become the new owner, the transfer being initiated by the second user using a second terminal to which it is associated by sending an acknowledgement message to the first terminal, said acknowledgment message comprising at least an instruction for transferring the ownership of the connected device to the second user and an identifier of the second user.
7. The method according to claim 2, wherein the ownership of the connected device is transferred from a second user to the first user for him to become the new owner, the transfer being initiated by the second user using a second terminal to which it is associated by sending an acknowledgement message to the first terminal, said acknowledgment message comprising at least an instruction for transferring the ownership of the connected device to the first user and an identifier of the second user.
8. The method according to claim 1, wherein the connected device verifies that the first user is allowed to modify the status of the connected device by checking its internal ownership record or in the immutable distributed database if a publish assertion indicates that it is the legitimate owner of the connected device.
This invention relates to a method for securely managing access and control of connected devices in a distributed system. The problem addressed is ensuring that only authorized users can modify the status of connected devices, preventing unauthorized changes that could compromise security or functionality. The method involves a connected device verifying whether a user is permitted to modify its status by checking ownership records. The device first consults its internal ownership record to determine if the user is authorized. If the internal record is insufficient or unavailable, the device checks an immutable distributed database, such as a blockchain, for a publish assertion that confirms the user's legitimate ownership. This assertion serves as verifiable proof that the user has the right to modify the device's status. The distributed database ensures transparency and tamper-proof ownership records, enhancing security and trust in the system. The method ensures that only legitimate owners can modify device status, preventing unauthorized access and maintaining system integrity. The use of an immutable distributed database provides a decentralized and secure way to verify ownership, reducing reliance on centralized authorities and minimizing the risk of fraud or manipulation. This approach is particularly useful in IoT (Internet of Things) environments where devices may need to authenticate users before allowing changes to their configuration or operation.
9. The method according to claim 1, wherein the instruction message is received from the first terminal on which an application is installed, said application being adapted to control the preparation of the instruction message.
10. The method according to claim 1, wherein the connected device sends a request to the immutable distributed database in order to read its status information as published in the immutable distributed database and receives in response said status information.
11. The method according to claim 10, wherein if the received status information indicates that the connected device is stolen or lost, it switches into a minimum service mode and waits for receiving instructions from its legitimate owner.
12. A connected device which is associated to a status information accessible to a third party by reading an assertion published in an immutable distributed database composed of a plurality of compute nodes, a pair of keys comprising a public key and a private key being associated to the connected device, the connected device being configured to receive an instruction message comprising an identifier of a first user and at least a status information to be taken into account for the connected device, said status information being used to manage the ownership of the connected device; to verify that the first user is allowed to modify the status of the connected device and in case of a positive verification, to prepare an assertion request comprising the status information, the assertion request being signed by the connected device using its private key; to send the assertion request to the immutable distributed database for publishing an assertion comprising the status information, the assertion being published once the signature is positively verified by a compute node of the immutable distributed database using the public key associated to the connected device.
13. The connected device of claim 12, wherein the status information comprises an identifier of the new owner of the connected device.
14. The connected device of claim 13, wherein the identifier of the new owner is the public key belonging to a pair of keys comprising a public key and a private key, said key pair being attributed to the new owner of the connected device.
A system for securely transferring ownership of a connected device involves a method where a current owner initiates a transfer by generating a transfer request. The system verifies the current owner's identity and, upon successful verification, generates a transfer token. This token is then provided to the new owner, who uses it to claim ownership of the device. The transfer process includes updating the device's ownership records to reflect the new owner's identity, ensuring secure and verifiable ownership transitions. The identifier of the new owner is a public key from a cryptographic key pair, consisting of a public key and a corresponding private key. This key pair is uniquely attributed to the new owner, enabling secure authentication and authorization. The use of public-key cryptography ensures that only the legitimate new owner, who possesses the corresponding private key, can complete the ownership transfer. This method enhances security by preventing unauthorized transfers and ensuring that only verified owners can claim and manage the device. The system is designed for connected devices that require secure ownership management, such as IoT devices, smart appliances, or other networked hardware.
15. The connected device of claim 14, wherein the instruction message comprises an identifier of the former owner of the connected device and an indication for replacing it by the new owner thanks to the publication of an assertion in the immutable distributed database indicating the new owner as the legitimate owner.
A system for securely transferring ownership of a connected device involves a distributed ledger or immutable database to verify and record ownership changes. The device includes a communication module to receive an instruction message containing an identifier of the former owner and a directive to update ownership records. Upon receiving this message, the device processes the instruction by publishing an assertion in the distributed database, which cryptographically links the new owner to the device, effectively replacing the former owner's record. This ensures tamper-proof ownership verification and prevents unauthorized transfers. The system may also include authentication mechanisms to validate the legitimacy of the new owner before updating the database. The distributed ledger provides transparency and immutability, allowing all parties to verify ownership history without relying on a central authority. This approach is particularly useful for high-value or sensitive devices where secure ownership tracking is critical, such as in IoT, automotive, or industrial equipment sectors. The solution addresses challenges in traditional ownership transfer methods, such as fraud, disputes, and lack of verifiable records.
16. The connected device of claim 12, wherein the received instruction message comprises a secret data, the first user being considered as allowed to modify the status of the connected device if the received secret data is identical to a secret data stored in the connected device which demonstrates that the first user and the connected device are sharing the same secret.
17. The connected device of claim 13, wherein the ownership of the connected device is transferred from the first user to a second user for him to become the new owner, the transfer being initiated by the second user using a second terminal to which it is associated by sending an acknowledgement message to the first terminal, said acknowledgment message comprising at least an instruction for transferring the ownership of the connected device to the second user and an identifier of the second user.
18. The connected device of claim 13, wherein the ownership of the connected device is transferred from a second user to the first user for him to become the new owner, the transfer being initiated by the second user using a second terminal to which it is associated by sending an acknowledgement message to the first terminal, said acknowledgment message comprising at least an instruction for transferring the ownership of the connected device to the first user and an identifier of the second user.
19. The connected device of claim 13, wherein the connected device verifies that the first user is allowed to modify the status of the connected device by checking its internal ownership record or in the immutable distributed database if a publish assertion indicates that it is the legitimate owner of the connected device.
This invention relates to a connected device that verifies user permissions before allowing modifications to its status. The device operates within a system where ownership and access rights are managed through an immutable distributed database, such as a blockchain, or through internal records stored on the device itself. When a first user attempts to modify the device's status, the device checks whether the user is authorized by consulting either its internal ownership records or the distributed database. If the user has published an assertion confirming legitimate ownership, the device verifies this assertion before granting permission. This ensures that only authorized users can modify the device's status, enhancing security and preventing unauthorized changes. The system is designed to work in environments where decentralized verification of ownership is critical, such as in IoT networks or shared device ecosystems. The verification process may involve cryptographic checks or consensus mechanisms to confirm the validity of the ownership assertion. This approach reduces reliance on centralized authorities while maintaining robust access control.
20. The connected device of claim 12, wherein the instruction message is received from the first terminal on which an application is installed, said application being adapted to control the preparation of the instruction message.
21. The connected device of claim 12, wherein the connected device sends a request to the immutable distributed database in order to read its status information as published in the immutable distributed database and receives in response said status information.
22. The connected device of claim 21, wherein if the received status information indicates that the connected device is stolen or lost, it switches into a minimum service mode and waits for receiving instructions from its legitimate owner.
A system for managing connected devices includes a device configured to receive status information from a remote server. The device monitors its operational state and communicates with the server to determine whether it has been reported as stolen or lost. If the server indicates the device is stolen or lost, the device automatically transitions into a minimum service mode, restricting its functionality to essential operations only. In this mode, the device remains operational but limits access to non-critical features, such as disabling network connectivity or restricting user input. The device then waits for further instructions from its legitimate owner, which may include commands to lock the device, erase data, or restore full functionality. The system ensures that lost or stolen devices remain usable for recovery purposes while preventing unauthorized access to sensitive data. The device may also periodically check its status with the server to confirm whether the stolen or lost status has been resolved. This approach enhances security by automatically enforcing protective measures when theft or loss is detected, while maintaining the device's availability for recovery efforts.
23. The method according to claim 1, wherein the immutable distributed database is a database in which data is stored across the plurality of compute nodes of the immutable distributed database.
This invention relates to distributed database systems, specifically methods for managing data storage and retrieval in an immutable distributed database. The system addresses the challenge of ensuring data integrity and consistency across multiple compute nodes while maintaining immutability, meaning once data is stored, it cannot be altered or deleted. The method involves storing data across a plurality of compute nodes in the immutable distributed database. Each compute node operates independently but collaborates with others to maintain a consistent and tamper-proof record of data. The immutability ensures that once data is written, it remains unchanged, providing a reliable and auditable history of all transactions. This is particularly useful in applications requiring high security, such as financial transactions, supply chain tracking, or blockchain-based systems. The distributed nature of the database enhances fault tolerance and availability, as data is replicated across multiple nodes, reducing the risk of data loss or corruption. The system may also include mechanisms for verifying data integrity, such as cryptographic hashing or consensus protocols, to ensure that all nodes agree on the state of the database. This method improves upon traditional centralized databases by eliminating single points of failure and providing a more resilient and transparent data storage solution.
24. The connected device of claim 12, wherein the immutable distributed database is a database in which data is stored across the plurality of compute nodes of the immutable distributed database.
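The flow of claims 1 and 12, with the shared-secret check of claims 5 and 16 as the authorization step, written out as an added example in Go (it is not code from the patent or from this page). Ed25519, the JSON payload, the names `Device`, `Node` and `AssertionRequest`, and a single in-memory node that already holds the device's public key are assumptions; the claims specify no algorithm or message format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/subtle"
	"encoding/json"
	"errors"
	"fmt"
)

// AssertionRequest is a hypothetical wire format; the claims define none.
type AssertionRequest struct {
	DeviceID     string
	Payload, Sig []byte
}

// Device holds the key pair of claim 1 and the shared secret of claim 5.
type Device struct {
	ID     string
	Pub    ed25519.PublicKey
	priv   ed25519.PrivateKey
	secret []byte
}

func NewDevice(id string, secret []byte) (*Device, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Device{id, pub, priv, secret}, err
}

// HandleInstruction checks the secret in constant time, then signs the request.
func (d *Device) HandleInstruction(user string, secret []byte, status, owner string) (*AssertionRequest, error) {
	if subtle.ConstantTimeCompare(secret, d.secret) != 1 {
		return nil, errors.New("user not allowed to modify status")
	}
	p, _ := json.Marshal(map[string]string{"by": user, "status": status, "owner": owner})
	return &AssertionRequest{d.ID, p, ed25519.Sign(d.priv, p)}, nil
}

// Node stands in for one compute node; Log is its append-only assertion list.
type Node struct {
	keys map[string]ed25519.PublicKey // device ID -> registered public key
	Log  [][]byte
}
func NewNode(d *Device) *Node { return &Node{keys: map[string]ed25519.PublicKey{d.ID: d.Pub}} }

// Publish appends the assertion only if the registered device key verifies it.
func (n *Node) Publish(r *AssertionRequest) error {
	pub, ok := n.keys[r.DeviceID]
	if !ok || !ed25519.Verify(pub, r.Payload, r.Sig) {
		return errors.New("assertion rejected")
	}
	n.Log = append(n.Log, r.Payload)
	return nil
}

func main() {
	dev, _ := NewDevice("dev-1", []byte("constructed-secret"))
	req, _ := dev.HandleInstruction("alice", []byte("constructed-secret"), "owner-change", "bob-public-key")
	fmt.Println(NewNode(dev).Publish(req), string(req.Payload))
}
```

The node looks the verification key up by device identifier rather than trusting a key carried in the request, so a request signed with any other key pair is rejected.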
March 30, 2021